This study committee will study the need for and feasibility of uniform or model state legislation concerning identity management in electronic commerce. Identity management is a set of processes to manage the identification, authentication, and authorization of individuals, legal entities, devices, or other subjects in online and other electronic contexts. It provides the answer to two simple questions that each party asks about the other party: “Who are you?” and “How can you prove it?”
The committee will consider whether there are viable uniform or model legal approaches to address concerns about trustworthiness, including for example, disclosure requirements that allow parties to accurately assess risks; giving various legal effects to certain types of conduct that might enhance or detract from trust; and imposing requirements that govern conduct to ensure trust. The committee’s study will also include examining the need for and feasibility of state law governing the level of security provided by a party to an identity management transaction or by a trust service provider; defining the legal effect of electronic identification and authentication; interstate recognition of an electronic transaction under particular identification and authentication standards; allocation of liability; and remedies for a party’s failure to meet its obligations.